Revert "Clarified that keys should be SecretKey instances and not just Key instances."

jchambers · jchambers · commit a9c17e68ef8d · 2019-06-14T20:46:20.000-04:00
This reverts commit f1ea6bc.
diff --git a/README.md b/README.md
@@ -13,11 +13,11 @@ final TimeBasedOneTimePasswordGenerator totp = new TimeBasedOneTimePasswordGener
 To actually generate time-based one-time passwords, you'll need a secret key and a timestamp. Secure key management is beyond the scope of this document; for the purposes of an example, though, we'll generate a random key:
 
 ```java
-final SecretKey secretKey;
+final Key secretKey;
 {
     final KeyGenerator keyGenerator = KeyGenerator.getInstance(totp.getAlgorithm());
 
-    // SHA-1 and SHA-256 prefer 64-byte (512-bit) keys; SHA512 prefers 128-byte (1024-bit) keys
+    // HMAC-SHA1 and HMAC-SHA256 prefer 64-byte (512-bit) keys; HMAC-SHA512 prefers 128-byte (1024-bit) keys
     keyGenerator.init(512);
 
     secretKey = keyGenerator.generateKey();
diff --git a/src/main/java/com/eatthepath/otp/HmacOneTimePasswordGenerator.java b/src/main/java/com/eatthepath/otp/HmacOneTimePasswordGenerator.java
@@ -20,12 +20,13 @@
 
 package com.eatthepath.otp;
 
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
 import java.nio.ByteBuffer;
 import java.security.InvalidKeyException;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 
+import javax.crypto.Mac;
+
 /**
  * <p>Generates HMAC-based one-time passwords (HOTP) as specified in
  * <a href="https://tools.ietf.org/html/rfc4226">RFC&nbsp;4226</a>.</p>
@@ -122,20 +123,20 @@ protected HmacOneTimePasswordGenerator(final int passwordLength, final String al
     /**
      * Generates a one-time password using the given key and counter value.
      *
-     * @param secretKey a secret key to be used to generate the password
+     * @param key a secret key to be used to generate the password
      * @param counter the counter value to be used to generate the password
      *
      * @return an integer representation of a one-time password; callers will need to format the password for display
      * on their own
      *
      * @throws InvalidKeyException if the given key is inappropriate for initializing the {@link Mac} for this generator
      */
-    public int generateOneTimePassword(final SecretKey secretKey, final long counter) throws InvalidKeyException {
+    public int generateOneTimePassword(final Key key, final long counter) throws InvalidKeyException {
         final Mac mac;
 
         try {
             mac = Mac.getInstance(this.algorithm);
-            mac.init(secretKey);
+            mac.init(key);
         } catch (final NoSuchAlgorithmException e) {
             // This should never happen since we verify that the algorithm is legit in the constructor.
             throw new RuntimeException(e);
diff --git a/src/main/java/com/eatthepath/otp/TimeBasedOneTimePasswordGenerator.java b/src/main/java/com/eatthepath/otp/TimeBasedOneTimePasswordGenerator.java
@@ -21,8 +21,8 @@
 package com.eatthepath.otp;
 
 import javax.crypto.Mac;
-import javax.crypto.SecretKey;
 import java.security.InvalidKeyException;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
@@ -129,16 +129,16 @@ public TimeBasedOneTimePasswordGenerator(final long timeStep, final TimeUnit tim
     /**
      * Generates a one-time password using the given key and timestamp.
      *
-     * @param secretKey a secret key to be used to generate the password
+     * @param key a secret key to be used to generate the password
      * @param timestamp the timestamp for which to generate the password
      *
      * @return an integer representation of a one-time password; callers will need to format the password for display
      * on their own
      *
      * @throws InvalidKeyException if the given key is inappropriate for initializing the {@link Mac} for this generator
      */
-    public int generateOneTimePassword(final SecretKey secretKey, final Date timestamp) throws InvalidKeyException {
-        return this.generateOneTimePassword(secretKey, timestamp.getTime() / this.timeStepMillis);
+    public int generateOneTimePassword(final Key key, final Date timestamp) throws InvalidKeyException {
+        return this.generateOneTimePassword(key, timestamp.getTime() / this.timeStepMillis);
     }
 
     /**
diff --git a/src/test/java/com/eatthepath/otp/ExampleApp.java b/src/test/java/com/eatthepath/otp/ExampleApp.java
@@ -21,18 +21,17 @@
 package com.eatthepath.otp;
 
 import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
 import java.security.InvalidKeyException;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
 
 public class ExampleApp {
-
     public static void main(final String[] args) throws NoSuchAlgorithmException, InvalidKeyException {
         final TimeBasedOneTimePasswordGenerator totp = new TimeBasedOneTimePasswordGenerator();
 
-        final SecretKey secretKey;
+        final Key secretKey;
         {
             final KeyGenerator keyGenerator = KeyGenerator.getInstance(totp.getAlgorithm());
 
diff --git a/src/test/java/com/eatthepath/otp/HmacOneTimePasswordGeneratorTest.java b/src/test/java/com/eatthepath/otp/HmacOneTimePasswordGeneratorTest.java
@@ -20,17 +20,19 @@
 
 package com.eatthepath.otp;
 
-import junitparams.JUnitParamsRunner;
-import junitparams.Parameters;
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import static org.junit.Assert.*;
 
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
 import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 
-import static org.junit.Assert.assertEquals;
+import javax.crypto.spec.SecretKeySpec;
+
+import junitparams.JUnitParamsRunner;
+import junitparams.Parameters;
+import org.junit.Test;
+import org.junit.runner.RunWith;
 
 @RunWith(JUnitParamsRunner.class)
 public class HmacOneTimePasswordGeneratorTest {
@@ -81,7 +83,7 @@ public void testGetAlgorithm() throws NoSuchAlgorithmException {
     public void testGenerateOneTimePassword(final int counter, final int expectedOneTimePassword) throws Exception {
         final HmacOneTimePasswordGenerator hmacOneTimePasswordGenerator = this.getDefaultGenerator();
 
-        final SecretKey key = new SecretKeySpec("12345678901234567890".getBytes(StandardCharsets.US_ASCII), "RAW");
+        final Key key = new SecretKeySpec("12345678901234567890".getBytes(StandardCharsets.US_ASCII), "RAW");
         assertEquals(expectedOneTimePassword, hmacOneTimePasswordGenerator.generateOneTimePassword(key, counter));
     }
 
diff --git a/src/test/java/com/eatthepath/otp/TimeBasedOneTimePasswordGeneratorTest.java b/src/test/java/com/eatthepath/otp/TimeBasedOneTimePasswordGeneratorTest.java
@@ -25,9 +25,9 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import java.nio.charset.StandardCharsets;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
@@ -87,10 +87,10 @@ public void testGenerateOneTimePassword(final String algorithm, final long epoch
 
         final Date date = new Date(TimeUnit.SECONDS.toMillis(epochSeconds));
 
-        assertEquals(expectedOneTimePassword, totp.generateOneTimePassword(getSecretKeyForAlgorithm(algorithm), date));
+        assertEquals(expectedOneTimePassword, totp.generateOneTimePassword(getKeyForAlgorithm(algorithm), date));
     }
 
-    private static SecretKey getSecretKeyForAlgorithm(final String algorithm) {
+    private static Key getKeyForAlgorithm(final String algorithm) {
         final String keyString;
 
         switch (algorithm) {
